Hi,
there are several possibilities do to it
REGISTER Username/Extensions Enumeration
INVITE Username/Extensions Enumeration
OPTION Username/Extensions Enumeration
for more information:
http://www.hackingvoip.com/presentations/sample_chapter3_hacking_voip.pdf
rich...
On Thu, Nov 19, 2009 at
Hello Xavier,
Unfortunately we are not aware of any Asterisk configuration which will
protect against of a brute force attack on SIP.
We use BFD - http://www.rfxn.com/projects/brute-force-detection/ .
We have found first details here: http://engineertim.com/?cat=15 and we are
currently
Hi All,
I must say that there are many ways to detect password attack cause this
information actually goes into logs and it's possible to analyze them.
Couple of hours thinking + day or 2 creating gives a really nice result.
Bad thing is that by the time someone will start guessing password with
Has Asterisk any protection against brute force attack for SIP authentication?
Something like a maximum login attempt limit
Thanks
___
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-users mailing list
To
fail2ban
http://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk
2009/11/16 Xavier Mesquida xavi...@yahoo.com
Has Asterisk any protection against brute force attack for SIP
authentication?
Something like a maximum login attempt limit
Thanks